Source URL: https://www.schneier.com/blog/archives/2025/03/improvements-in-brute-force-attacks.html
Source: Schneier on Security
Title: Improvements in Brute Force Attacks
Feedly Summary: New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.”
Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that use shorter keys. In order to estimate the actual threat imposed by using those short keys, precise estimates for attacks are crucial.
In this work we provide optimized implementations of several widely used algorithms on GPUs, leading to interesting insights on the cost of brute force attacks on several real-word applications…
AI Summary and Description: Yes
Summary: The text presents a paper that explores optimized implementations of cryptographic algorithms on GPUs for brute force cryptanalysis. It highlights significant performance improvements in breaking symmetric cryptography keys for real-world applications such as GPRS, GSM, RFID, and TETRA, which is crucial information for security professionals regarding the vulnerabilities associated with shorter cryptographic key lengths.
Detailed Description:
– The paper focuses on the implications of symmetric key lengths in cryptography and the growing threat of brute force attacks, particularly given advancements in GPU technology.
– Short key lengths, although no longer recommended, are still utilized in many standards and applications, making this research pertinent for security assessments of existing systems.
– The authors present optimized implementations for the following algorithms:
– **KASUMI**: used in GPRS/GSM communications.
– **SPECK**: employed in RFID communication.
– **TEA3**: utilized in TETRA systems.
– Performance results showcase the capability of a single RTX 4090 GPU to evaluate keys at the following rates:
– KASUMI: 235.72 keys per second
– SPECK: 236.72 keys per second
– TEA3: 234.71 keys per second
– Significant findings include:
– The KASUMI optimization results are more than 15 times faster than prior implementations from the CRYPTO’24 paper.
– Estimations indicate that breaking GPRS/GSM communication would require approximately 11.22 billion RTX 4090 GPUs, while RFID and TETRA would need 1.36 million, emphasizing the resources needed for large-scale attacks.
– The research also highlights the efficiency of time-memory trade-off attacks, suggesting a reduction in the number of GPUs needed and time required for table generation, which has substantial implications for cryptanalytic tasks.
– The authors conclude with a caveat that while current attacks are not practical yet, continuous improvements and optimizations could elevate the feasibility of these attacks, alerting security professionals to the evolving landscape of cryptographic threats.
This paper is of considerable significance for professionals in information security, cryptanalysis, and those involved in compliance and governance regarding the use of cryptographic protocols. Understanding these capabilities and threats aids in better preparedness to defend against potential vulnerabilities.